BTW, I personally think that even aggregate routes bring more headache than benefits, let alone generate.
Classic case is using aggregate to generate your own public prefixes and at the same time having a loopback address out of this range. Or a static route. Or a connected subnet. Theoretically you can sort this out with policies, but it's very error-prone. These routes tend to be relatively stable, so NOCs never deal with the underlying dynamism and often forget to update policies, when adding static routes/whatever. Generate is even clumsier, all this "WTF if my next-hop?" tie-breaking stuff is the best way to the unmanageable mess. As of my opinion, static floating (preference 999) discard is your friend for this kind of aggregation. In addition, in the case of Internet, it's always a good idea to have a static floating discard, otherwise you have an implicit static floating REJECT as prescribed by RFC1812 (see your show route forwarding-table) and all the corresponding risks to DoS your uKernel MPC CPU. Regards, Pavel _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp